Closed Bug 292947 Opened 19 years ago Closed 19 years ago

Password manager needs to check isTrusted on DOMPageRestore events

Tracking

()

Status:

RESOLVED FIXED

People

(Reporter: bzbarsky, Unassigned)

References

Details

Boris Zbarsky [:bzbarsky]

Reporter

Description

•

19 years ago

This is a review comment from bug 274784:

  Also, what happens if content fires DOMPageRestore events?  Wouldn't autofill
  trigger on those?  Do we need some isTrusted checks here?

Boris Zbarsky [:bzbarsky]

Reporter

Updated

•

19 years ago

Blocks: blazinglyfastback

Brian Ryner (not reading)

Comment 1

•

19 years ago

This was actually addressed in the last patch I posted:

NS_IMETHODIMP
nsPasswordManager::PageRestore(nsIDOMEvent* aEvent)
{
  // Only autofill for trusted events.
  nsCOMPtr<nsIDOMNSEvent> nsevent = do_QueryInterface(aEvent);
  PRBool trusted = PR_FALSE;
  if (nsevent)
    nsevent->GetIsTrusted(&trusted);
  if (!trusted)
    return NS_OK;

Status: NEW → RESOLVED

Closed: 19 years ago

Resolution: --- → FIXED

Nobody; OK to take it and work on it

Assignee

Updated

•

16 years ago

Product: Firefox → Toolkit

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Password manager needs to check isTrusted on DOMPageRestore events

Categories

(Toolkit :: Password Manager, defect)

Tracking

()

People

(Reporter: bzbarsky, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Updated